[master]

Squashed commit of the following:
    [rt33351]
    Check for overly long whitespace in files we are parsing and
    print a message and exit if we find it.  We could try and continue
    but given that the file is likely corrupt that doesn't seem useful.
    commit e5cde5645b6cdeee04761fa3671d9e9f3b5abdd4
    commit 25c632ab85e996f89a8e0337a3c5caef6ff4392a

diff --git a/RELNOTES b/RELNOTES
index 6b918f896507dff56c7e959e87e5772ecac4416c..d7d4c1ea9f3f7e971db00c32c1abeaa9885f69af 100644 (file)
--- a/RELNOTES
+++ b/RELNOTES
@@ -83,6 +83,10 @@ work on other platforms. Please report any problems and suggested fixes to
   a compiler warning on Solaris using GCC.
   [ISC-Bugs #33032]
 
+- Add a check for too much whitespace in a config or lease file.
+  Thanks to Paolo Pellegrino for finding the issue and a suggestion
+  for the patch.
+  [ISC-Bugs #33351]
                        Changes since 4.2.4
 
 - Correct code to calculate timing values in client to compare

diff --git a/common/conflex.c b/common/conflex.c
index 0da5076f46efe0b3e9c41bac0274a69980a2a274..ce688d53243320a17fe19ba4d0135a69f59183bf 100644 (file)
--- a/common/conflex.c
+++ b/common/conflex.c
@@ -470,6 +470,16 @@ read_whitespace(int c, struct parse *cfile) {
         */
        ofs = 0;
        do {
+               if (ofs >= sizeof(cfile->tokbuf)) {
+                       /*
+                        * As the file includes a huge amount of whitespace,
+                        * it's probably broken.
+                        * Print out a warning and bail out.
+                        */
+                       parse_warn(cfile,
+                                  "whitespace too long, buffer overflow.");
+                       log_fatal("Exiting");
+               }
                cfile->tokbuf[ofs++] = c;
                c = get_char(cfile);
        } while (!((c == '\n') && cfile->eol_token) &&